CNIT 121: Computer Forensics

The class covers forensics tools, methods, and procedures used for investigation of computers, techniques of data recovery and evidence collection, protection of evidence, expert witness skills, and computer crime investigation techniques. Includes analysis of various file systems and specialized diagnostic software used to retrieve data.

Upon successful completion of this course, the student will be able to:

  1. Define and describe computer investigations
  2. Demonstrate correct methods of evidence gathering
  3. Use and evaluate various operating systems and file systems
  4. Equip a Forensics Lab with appropriate hardware and software
  5. Install, configure, and use various command-line and graphical software forensics tools
  6. Describe and compare various hardware devices employed by computer forensics experts
  7. Retrieve and analyze data from a suspect’s computer
  8. Create security implementation plans
  9. Summarize the evidence and write investigative reports
  10. Utilize the services of expert witnesses
  11. Recover file images, and categorize the data
  12. Examine and trace email messages
  13. Obtain and control digital evidence

Permanent link to this article: